According to the European Data Protection Supervisor (EDPS), the review of EU financial markets legislation has a significant impact on data protection. He also highlighted that the reform presents a golden opportunity for the legislator to guarantee the fundamental right of data protection while taking the specific needs of the financial sector into account.

The package of four opinions concerns monitoring of financial data on Commission proposals for the reform of the financial sector in the EU presented by the European Data Protection Supervisor (EDPS), has a significant impact on the fundamental right to protection of personal data. Mr Giovanni Buttarelli, Assistant to the EDPS, show himself particularly concerned about the data protection issues raised by the new powers of the supervisory authorities, especially in relation to access to communication data and inspection of private premises. In November 2011, the EDPS asked for ensuring data protection on the Internal Market Information System.

The opinions on the legislative package for the revision of the banking legislation, the market abuse directive and regulation (MAD/MAR), the regulation and the directive on markets in financial instruments (MiFID/MIFIR) and the revision of the credit rating agencies regulation (CRA) all raise similar data protection concerns, and concludes on that the review of EU financial markets legislation has a significant impact on data protection.

The European Data Protection Supervisor (EDPS) therefore recommends inserting substantive provisions emphasising the applicability of existing data protection legislation; adding specific safeguards to the provisions concerning transfer of data to third countries; limiting access to private premises and records of telephone and data traffic to identified and serious violations of the proposed legislation and clearly specifying the categories of telephone and data traffic records which are required to be retained by financial institutions and/or provided to supervisory authorities; assessing the necessity and proportionality of the proposed provisions on publications of sanctions. The publication obligation should be supported by adequate safeguards; ensuring that the identity of whistleblowers is protected; and guaranteeing that appropriate procedures to ensure the right of the accused person to defence and to be heard as well as the right to seek effective judicial remedy against any decision or measure concerning him are put into place.